Сlarity and Trust – We take pride in being the site where you can feel free to express your opinion and leave feedback. Whenever you click on the websites of products reviewed by us, we participate in the revenue sharing and get commissions that help us maintain our project. Read more about how we work.

Avast introduced free decryptors for AtomSilo, Babuk and LockFile ransomware

Now Reading
Avast introduced free decryptors for AtomSilo, Babuk and LockFile ransomware

Avast introduced free decryptors to recover files previously encrypted by AtomSilo, Babuk and LockFile malware.

It is suggested to use the same decoder for AtomSilo and LockFile. The researchers explain that these ransomware strains are very similar to each other, so it was possible to create a single tool for them.

Avast decryption Tool

The company emphasizes that the decoder may not be able to cope with files with unknown and proprietary formats or without extensions at all.

It is reported that specialists managed to crack the malware using information received from the researcher RE-CERT. In the middle of this month, he wrote on Twitter that he found a way to hack AtomSilo and even created his own decoder as a proof-of-concept.

Something big -> I just cracked #AtomSilo – one of the Latest Ransomware Family. I already have POC Decryptor but its not yet tuned for performance and mass file processing. But Please help me to reach more People who could be affected. I am free to collab !!! Any Help and collab to tune more the Decryptor is Welcome!!! I do not want to share details and help The Creators to repaire the Code so help me to find some good way to make it available.(To avoid paying 500k$).the researcher reported on Twitter.

A tool for decrypting data after Babuk ransomware attacks was also presented separately. Avast experts write that they were able to develop this tool using the malware source code, which was published on the Russian-speaking hack forum in early September.

On Twitter, experts write that the source code contained keys to decrypt data for past victims of the ransomware.

However, the decryptor will only work with past Babuk victims who still have files encrypted with .babuk, .babyk and .doydo extensions.

Avast decryption Tool for Babuk

To decrypt your files, please, follow these steps:

  1. Download the free decryptor. The single EXE file covers both ransomware strains.
  2. Simply run the EXE. It starts in form of wizard, which leads you through configuration of the decryption process.
  3. On the initial page, you can see a list of credits. Simply click “Next”
  4. On the next page, select the list of locations which you want to be decrypted. By default, it contains a list of all local drives.
  5. On the third page, you can select whether you want to backup encrypted files. These backups may help if anything goes wrong during the decryption process. This option is turned on by default, which we recommend. After clicking “Decrypt”, the decryption process begins.
  6. Let the decryptor work and wait until it finishes.

Let me remind you that we also wrote, that During five years of operation, the No More Ransom project helped to save $900 million from ransomware.

What's your reaction?
Love It
Like It
Want It
Had It
Hated It
About The Author
Vladimir Krasnogolovy
Leave a response

Leave a Response